package cn.junior_programmer.springsecurityjdbc;

import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RestController;

/**
 * @author junior_programmer
 */
@RestController
public class HelloController {


    /**
     * 普通接口，登录即可访问
     *
     * @return
     */
    @GetMapping("/hello")
    public String hello() {
        return "hello";
    }

    /**
     * admin接口 需要有ROLE_admin的权限才能访问
     *
     * @return
     */
    @PreAuthorize("hasRole('ROLE_admin')")
    @GetMapping("/admin")
    public String admin() {
        return "admin";
    }

    /**
     * admin接口 需要有ROLE_user的权限才能访问
     *
     * @return
     */
    @PreAuthorize("hasRole('ROLE_user')")
    @GetMapping("/user")
    public String user() {
        return "user";
    }
}
